Severity overrides

This document explains how to globally change the severity levels of vulnerabilities found in DAST scans. For information on changing the severity level of a specific vulnerability, refer to the Change severity level document.

info
  • Role requirements: overriding vulnerability severity levels in Invicti Platform requires an Administrator, Owner, Security Analyst, or Security Manager role, or a custom role with the Vulnerability full-access permission.
  • Precedence: severity levels follow this hierarchy:
    • Asset: the specific severity set for the asset.
    • Global: the organization-wide severity setting.
    • Default: Invicti's standard system severity level.

Global severity override

  1. Select Settings > Severity overrides from the left-side menu.
  2. In the Custom severity column, open the drop-down and select the new severity level for each vulnerability type.
  3. Click Save changes.
  4. Information about the change is visible in the Changed by column.
  5. The new severity level for this vulnerability type is automatically visible in:
    • Specific vulnerability drawer details, unless the related asset has individually set severity levels.
    • All vulnerabilities page.
    • Scan details page: in Scan summary, Vulnerabilities, and Past scans (when applicable) tabs.
    • Any new report created after the change.
tip

The audit log records the vulnerability type severity override details and the name of the user who made the change.

Undo global severity override

  1. Select Settings > Severity overrides from the left-side menu.
  2. In the Custom severity column, open the drop-down and select the default severity level.
  3. Click Save changes.
  4. Information about the change is visible in the Changed by column.
  5. The severity level for this vulnerability type is automatically visible in:
    • Specific vulnerability drawer details, unless the related asset has individually set severity levels.
    • All vulnerabilities page.
    • Scan details page: in Scan summary, Vulnerabilities, and Past scans (when applicable) tabs.
    • Any new report created after the change.
tip

The audit log records the vulnerability type severity override details and the name of the user who made the change.

